3 matches found
CVE-2020-9331
CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation by local users with the SeChangeNotifyPrivilege right because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space...
CVE-2020-9331
CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation by local users with the SeChangeNotifyPrivilege right because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space...
CVE-2020-9331
CVE-2020-9331 affects CryptoPro CSP up to version 5.0.0.10004 on 32-bit platforms. The root cause is mishandling of user-mode input during process creation, enabling a local attacker with SeChangeNotifyPrivilege to write arbitrary data to the kernel address space, resulting in Local Privilege Esc...